2 // SignedXmlTest.cs - NUnit Test Cases for SignedXml
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com)
8 // Copyright (C) 2004-2005, 2008 Novell, Inc (http://www.novell.com)
12 using System.Globalization;
14 using System.Security.Cryptography;
15 using System.Security.Cryptography.X509Certificates;
16 using System.Security.Cryptography.Xml;
20 using NUnit.Framework;
22 namespace MonoTests.System.Security.Cryptography.Xml {
24 public class SignedXmlEx : SignedXml {
26 // required to test protected GetPublicKey in SignedXml
27 public AsymmetricAlgorithm PublicGetPublicKey ()
29 return base.GetPublicKey ();
34 public class SignedXmlTest : Assertion {
36 private const string signature = "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" /><Reference URI=\"#MyObjectId\"><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><DigestValue>CTnnhjxUQHJmD+t1MjVXrOW+MCA=</DigestValue></Reference></SignedInfo><SignatureValue>dbFt6Zw3vR+Xh7LbM/vuifyFA7gPh/NlDM2Glz/SJBsveISieuTBpZlk/zavAeuXR/Nu0Ztt4OP4tCOg09a2RNlrTP0dhkeEfL1jTzpnVaLHuQbCiwOWCgbRif7Xt7N12FuiHYb3BltP/YyXS4E12NxlGlqnDiFA1v/mkK5+C1o=</SignatureValue><KeyInfo><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><RSAKeyValue><Modulus>hEfTJNa2idz2u+fSYDDG4Lx/xuk4aBbvOPVNqgc1l9Y8t7Pt+ZyF+kkF3uUl8Y0700BFGAsprnhwrWENK+PGdtvM5796ZKxCCa0ooKkofiT4355HqK26hpV8dvj38vq/rkJe1jHZgkTKa+c/0vjcYZOI/RT/IZv9JfXxVWLuLxk=</Modulus><Exponent>EQ==</Exponent></RSAKeyValue></KeyValue></KeyInfo><Object Id=\"MyObjectId\" xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><ObjectListTag xmlns=\"\" /></Object></Signature>";
39 public void StaticValues ()
41 AssertEquals ("XmlDsigCanonicalizationUrl", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315", SignedXml.XmlDsigCanonicalizationUrl);
42 AssertEquals ("XmlDsigCanonicalizationWithCommentsUrl", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments", SignedXml.XmlDsigCanonicalizationWithCommentsUrl);
43 AssertEquals ("XmlDsigDSAUrl", "http://www.w3.org/2000/09/xmldsig#dsa-sha1", SignedXml.XmlDsigDSAUrl);
44 AssertEquals ("XmlDsigHMACSHA1Url", "http://www.w3.org/2000/09/xmldsig#hmac-sha1", SignedXml.XmlDsigHMACSHA1Url);
45 AssertEquals ("XmlDsigMinimalCanonicalizationUrl", "http://www.w3.org/2000/09/xmldsig#minimal", SignedXml.XmlDsigMinimalCanonicalizationUrl);
46 AssertEquals ("XmlDsigNamespaceUrl", "http://www.w3.org/2000/09/xmldsig#", SignedXml.XmlDsigNamespaceUrl);
47 AssertEquals ("XmlDsigRSASHA1Url", "http://www.w3.org/2000/09/xmldsig#rsa-sha1", SignedXml.XmlDsigRSASHA1Url);
48 AssertEquals ("XmlDsigSHA1Url", "http://www.w3.org/2000/09/xmldsig#sha1", SignedXml.XmlDsigSHA1Url);
52 public void Constructor_Empty ()
54 XmlDocument doc = new XmlDocument ();
55 doc.LoadXml (signature);
56 XmlNodeList xnl = doc.GetElementsByTagName ("Signature", SignedXml.XmlDsigNamespaceUrl);
57 XmlElement xel = (XmlElement) xnl [0];
59 SignedXml sx = new SignedXml (doc);
61 Assert ("CheckSignature", sx.CheckSignature ());
65 public void Constructor_XmlDocument ()
67 XmlDocument doc = new XmlDocument ();
68 doc.LoadXml (signature);
69 XmlNodeList xnl = doc.GetElementsByTagName ("Signature", SignedXml.XmlDsigNamespaceUrl);
70 XmlElement xel = (XmlElement) xnl [0];
72 SignedXml sx = new SignedXml (doc);
73 sx.LoadXml (doc.DocumentElement);
74 Assert ("CheckSignature", sx.CheckSignature ());
79 [Ignore ("2.0 throws a NullReferenceException - reported as FDBK25892")]
80 // http://lab.msdn.microsoft.com/ProductFeedback/viewfeedback.aspx?feedbackid=02dd9730-d1ad-4170-8c82-36858c55fbe2
82 [ExpectedException (typeof (ArgumentNullException))]
83 public void Constructor_XmlDocument_Null ()
85 XmlDocument doc = null;
86 SignedXml sx = new SignedXml (doc);
90 public void Constructor_XmlElement ()
92 XmlDocument doc = new XmlDocument ();
93 doc.LoadXml (signature);
94 XmlNodeList xnl = doc.GetElementsByTagName ("Signature", SignedXml.XmlDsigNamespaceUrl);
95 XmlElement xel = (XmlElement) xnl [0];
97 SignedXml sx = new SignedXml (doc.DocumentElement);
99 Assert ("CheckSignature", sx.CheckSignature ());
104 [ExpectedException (typeof (CryptographicException))]
106 public void Constructor_XmlElement_WithoutLoadXml ()
108 XmlDocument doc = new XmlDocument ();
109 doc.LoadXml (signature);
110 XmlNodeList xnl = doc.GetElementsByTagName ("Signature", SignedXml.XmlDsigNamespaceUrl);
111 XmlElement xel = (XmlElement) xnl [0];
113 SignedXml sx = new SignedXml (doc.DocumentElement);
114 Assert ("!CheckSignature", !sx.CheckSignature ());
115 // SignedXml (XmlElement) != SignedXml () + LoadXml (XmlElement)
119 [ExpectedException (typeof (ArgumentNullException))]
120 public void Constructor_XmlElement_Null ()
122 XmlElement xel = null;
123 SignedXml sx = new SignedXml (xel);
126 // sample from MSDN (url)
127 public SignedXml MSDNSample ()
129 // Create example data to sign.
130 XmlDocument document = new XmlDocument ();
131 XmlNode node = document.CreateNode (XmlNodeType.Element, "", "MyElement", "samples");
132 node.InnerText = "This is some text";
133 document.AppendChild (node);
135 // Create the SignedXml message.
136 SignedXml signedXml = new SignedXml ();
138 // Create a data object to hold the data to sign.
139 DataObject dataObject = new DataObject ();
140 dataObject.Data = document.ChildNodes;
141 dataObject.Id = "MyObjectId";
143 // Add the data object to the signature.
144 signedXml.AddObject (dataObject);
146 // Create a reference to be able to package everything into the
148 Reference reference = new Reference ();
149 reference.Uri = "#MyObjectId";
151 // Add it to the message.
152 signedXml.AddReference (reference);
158 [ExpectedException (typeof (CryptographicException))]
159 public void SignatureMethodMismatch ()
161 SignedXml signedXml = MSDNSample ();
163 RSA key = RSA.Create ();
164 signedXml.SigningKey = key;
165 signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigHMACSHA1Url;
168 KeyInfo keyInfo = new KeyInfo ();
169 keyInfo.AddClause (new RSAKeyValue (key));
170 signedXml.KeyInfo = keyInfo;
172 AssertNotNull ("SignatureMethod", signedXml.SignatureMethod);
173 // Compute the signature - causes unsupported algorithm by the key.
174 signedXml.ComputeSignature ();
178 public void AsymmetricRSASignature ()
180 SignedXml signedXml = MSDNSample ();
182 RSA key = RSA.Create ();
183 signedXml.SigningKey = key;
186 KeyInfo keyInfo = new KeyInfo ();
187 keyInfo.AddClause (new RSAKeyValue (key));
188 signedXml.KeyInfo = keyInfo;
190 AssertEquals ("KeyInfo", 1, signedXml.KeyInfo.Count);
191 AssertNull ("SignatureLength", signedXml.SignatureLength);
192 AssertNull ("SignatureMethod", signedXml.SignatureMethod);
193 AssertNull ("SignatureValue", signedXml.SignatureValue);
194 AssertNull ("SigningKeyName", signedXml.SigningKeyName);
196 // Compute the signature.
197 signedXml.ComputeSignature ();
199 AssertNull ("SigningKeyName", signedXml.SigningKeyName);
200 AssertEquals ("SignatureMethod", SignedXml.XmlDsigRSASHA1Url, signedXml.SignatureMethod);
201 AssertEquals ("SignatureValue", 128, signedXml.SignatureValue.Length);
202 AssertNull ("SigningKeyName", signedXml.SigningKeyName);
204 // Get the XML representation of the signature.
205 XmlElement xmlSignature = signedXml.GetXml ();
207 // LAMESPEC: we must reload the signature or it won't work
208 // MS framework throw a "malformed element"
209 SignedXml vrfy = new SignedXml ();
210 vrfy.LoadXml (xmlSignature);
212 // assert that we can verify our own signature
213 Assert ("RSA-Compute/Verify", vrfy.CheckSignature ());
217 public void AsymmetricDSASignature ()
219 SignedXml signedXml = MSDNSample ();
221 DSA key = DSA.Create ();
222 signedXml.SigningKey = key;
225 KeyInfo keyInfo = new KeyInfo ();
226 keyInfo.AddClause (new DSAKeyValue (key));
227 signedXml.KeyInfo = keyInfo;
229 AssertEquals ("KeyInfo", 1, signedXml.KeyInfo.Count);
230 AssertNull ("SignatureLength", signedXml.SignatureLength);
231 AssertNull ("SignatureMethod", signedXml.SignatureMethod);
232 AssertNull ("SignatureValue", signedXml.SignatureValue);
233 AssertNull ("SigningKeyName", signedXml.SigningKeyName);
235 // Compute the signature.
236 signedXml.ComputeSignature ();
238 AssertNull ("SignatureLength", signedXml.SignatureLength);
239 AssertEquals ("SignatureMethod", SignedXml.XmlDsigDSAUrl, signedXml.SignatureMethod);
240 AssertEquals ("SignatureValue", 40, signedXml.SignatureValue.Length);
241 AssertNull ("SigningKeyName", signedXml.SigningKeyName);
243 // Get the XML representation of the signature.
244 XmlElement xmlSignature = signedXml.GetXml ();
246 // LAMESPEC: we must reload the signature or it won't work
247 // MS framework throw a "malformed element"
248 SignedXml vrfy = new SignedXml ();
249 vrfy.LoadXml (xmlSignature);
251 // assert that we can verify our own signature
252 Assert ("DSA-Compute/Verify", vrfy.CheckSignature ());
256 public void SymmetricHMACSHA1Signature ()
258 SignedXml signedXml = MSDNSample ();
260 // Compute the signature.
261 byte[] secretkey = Encoding.Default.GetBytes ("password");
262 HMACSHA1 hmac = new HMACSHA1 (secretkey);
264 AssertEquals ("KeyInfo", 0, signedXml.KeyInfo.Count);
266 AssertNull ("KeyInfo", signedXml.KeyInfo);
268 AssertNull ("SignatureLength", signedXml.SignatureLength);
269 AssertNull ("SignatureMethod", signedXml.SignatureMethod);
270 AssertNull ("SignatureValue", signedXml.SignatureValue);
271 AssertNull ("SigningKeyName", signedXml.SigningKeyName);
273 signedXml.ComputeSignature (hmac);
276 AssertEquals ("KeyInfo", 0, signedXml.KeyInfo.Count);
278 AssertNull ("KeyInfo", signedXml.KeyInfo);
280 AssertNull ("SignatureLength", signedXml.SignatureLength);
281 AssertEquals ("SignatureMethod", SignedXml.XmlDsigHMACSHA1Url, signedXml.SignatureMethod);
282 AssertEquals ("SignatureValue", 20, signedXml.SignatureValue.Length);
283 AssertNull ("SigningKeyName", signedXml.SigningKeyName);
285 // Get the XML representation of the signature.
286 XmlElement xmlSignature = signedXml.GetXml ();
288 // LAMESPEC: we must reload the signature or it won't work
289 // MS framework throw a "malformed element"
290 SignedXml vrfy = new SignedXml ();
291 vrfy.LoadXml (xmlSignature);
293 // assert that we can verify our own signature
294 Assert ("HMACSHA1-Compute/Verify", vrfy.CheckSignature (hmac));
298 [ExpectedException (typeof (CryptographicException))]
299 public void SymmetricMACTripleDESSignature ()
301 SignedXml signedXml = MSDNSample ();
302 // Compute the signature.
303 byte[] secretkey = Encoding.Default.GetBytes ("password");
304 MACTripleDES hmac = new MACTripleDES (secretkey);
305 signedXml.ComputeSignature (hmac);
308 // Using empty constructor
309 // LAMESPEC: The two other constructors don't seems to apply in verifying signatures
311 public void AsymmetricRSAVerify ()
313 string value = "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" /><Reference URI=\"#MyObjectId\"><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><DigestValue>/Vvq6sXEVbtZC8GwNtLQnGOy/VI=</DigestValue></Reference></SignedInfo><SignatureValue>A6XuE8Cy9iOffRXaW9b0+dUcMUJQnlmwLsiqtQnADbCtZXnXAaeJ6nGnQ4Mm0IGi0AJc7/2CoJReXl7iW4hltmFguG1e3nl0VxCyCTHKGOCo1u8R3K+B1rTaenFbSxs42EM7/D9KETsPlzfYfis36yM3PqatiCUOsoMsAiMGzlc=</SignatureValue><KeyInfo><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><RSAKeyValue><Modulus>tI8QYIpbG/m6JLyvP+S3X8mzcaAIayxomyTimSh9UCpEucRnGvLw0P73uStNpiF7wltTZA1HEsv+Ha39dY/0j/Wiy3RAodGDRNuKQao1wu34aNybZ673brbsbHFUfw/o7nlKD2xO84fbajBZmKtBBDy63NHt+QL+grSrREPfCTM=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo><Object Id=\"MyObjectId\"><MyElement xmlns=\"samples\">This is some text</MyElement></Object></Signature>";
314 XmlDocument doc = new XmlDocument ();
317 SignedXml v1 = new SignedXml ();
318 v1.LoadXml (doc.DocumentElement);
319 Assert ("RSA-CheckSignature()", v1.CheckSignature ());
321 SignedXml v2 = new SignedXml ();
322 v2.LoadXml (doc.DocumentElement);
323 AsymmetricAlgorithm key = null;
324 bool vrfy = v2.CheckSignatureReturningKey (out key);
325 Assert ("RSA-CheckSignatureReturningKey()", vrfy);
327 SignedXml v3 = new SignedXml ();
328 v3.LoadXml (doc.DocumentElement);
329 Assert ("RSA-CheckSignature(key)", v3.CheckSignature (key));
332 // Using empty constructor
333 // LAMESPEC: The two other constructors don't seems to apply in verifying signatures
335 public void AsymmetricDSAVerify ()
337 string value = "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#dsa-sha1\" /><Reference URI=\"#MyObjectId\"><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><DigestValue>/Vvq6sXEVbtZC8GwNtLQnGOy/VI=</DigestValue></Reference></SignedInfo><SignatureValue>BYz/qRGjGsN1yMFPxWa3awUZm1y4I/IxOQroMxkOteRGgk1HIwhRYw==</SignatureValue><KeyInfo><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><DSAKeyValue><P>iglVaZ+LsSL8Y0aDXmFMBwva3xHqIypr3l/LtqBH9ziV2Sh1M4JVasAiKqytWIWt/s/Uk8Ckf2tO2Ww1vsNi1NL+Kg9T7FE52sn380/rF0miwGkZeidzm74OWhykb3J+wCTXaIwOzAWI1yN7FoeoN7wzF12jjlSXAXeqPMlViqk=</P><Q>u4sowiJMHilNRojtdmIuQY2YnB8=</Q><G>SdnN7d+wn1n+HH4Hr8MIryIRYgcXdbZ5TH7jAnuWc1koqRc1AZfcYAZ6RDf+orx6Lzn055FTFiN+1NHQfGUtXJCWW0zz0FVV1NJux7WRj8vGTldjJ5ef0oCenkpwDjcIxWsZgVobve4GPoyN1sAc1scnkJB59oupibklmF4y72A=</G><Y>XejzS8Z51yfl0zbYnxSYYbHqreSLjNCoGPB/KjM1TOyV5sMjz0StKtGrFWryTWc7EgvFY7kUth4e04VKf9HbK8z/FifHTXj8+Tszbjzw8GfInnBwLN+vJgbpnjtypmiI5Bm2nLiRbfkdAHP+OrKtr/EauM9GQfYuaxm3/Vj8B84=</Y><J>vGwGg9wqwwWP9xsoPoXu6kHArJtadiNKe9azBiUx5Ob883gd5wlKfEcGuKkBmBySGbgwxyOsIBovd9Kk48hF01ymfQzAAuHR0EdJECSsTsTTKVTLQNBU32O+PRbLYpv4E8kt6rNL83JLJCBY</J><Seed>sqzn8J6fd2gtEyq6YOqiUSHgPE8=</Seed><PgenCounter>sQ==</PgenCounter></DSAKeyValue></KeyValue></KeyInfo><Object Id=\"MyObjectId\"><MyElement xmlns=\"samples\">This is some text</MyElement></Object></Signature>";
338 XmlDocument doc = new XmlDocument ();
341 SignedXml v1 = new SignedXml ();
342 v1.LoadXml (doc.DocumentElement);
343 Assert ("DSA-CheckSignature()", v1.CheckSignature ());
345 SignedXml v2 = new SignedXml ();
346 v2.LoadXml (doc.DocumentElement);
347 AsymmetricAlgorithm key = null;
348 bool vrfy = v2.CheckSignatureReturningKey (out key);
349 Assert ("DSA-CheckSignatureReturningKey()", vrfy);
351 SignedXml v3 = new SignedXml ();
352 v3.LoadXml (doc.DocumentElement);
353 Assert ("DSA-CheckSignature(key)", v3.CheckSignature (key));
357 public void SymmetricHMACSHA1Verify ()
359 string value = "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#hmac-sha1\" /><Reference URI=\"#MyObjectId\"><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><DigestValue>/Vvq6sXEVbtZC8GwNtLQnGOy/VI=</DigestValue></Reference></SignedInfo><SignatureValue>e2RxYr5yGbvTqZLCFcgA2RAC0yE=</SignatureValue><Object Id=\"MyObjectId\"><MyElement xmlns=\"samples\">This is some text</MyElement></Object></Signature>";
360 XmlDocument doc = new XmlDocument ();
363 SignedXml v1 = new SignedXml ();
364 v1.LoadXml (doc.DocumentElement);
366 byte[] secretkey = Encoding.Default.GetBytes ("password");
367 HMACSHA1 hmac = new HMACSHA1 (secretkey);
369 Assert ("HMACSHA1-CheckSignature(key)", v1.CheckSignature (hmac));
373 // adapted from http://bugzilla.ximian.com/show_bug.cgi?id=52084
374 public void GetIdElement ()
376 XmlDocument doc = new XmlDocument ();
377 doc.LoadXml (signature);
379 SignedXml v1 = new SignedXml ();
380 v1.LoadXml (doc.DocumentElement);
381 Assert ("CheckSignature", v1.CheckSignature ());
383 XmlElement xel = v1.GetIdElement (doc, "MyObjectId");
384 Assert ("GetIdElement", xel.InnerXml.StartsWith ("<ObjectListTag"));
388 public void GetPublicKey ()
390 XmlDocument doc = new XmlDocument ();
391 doc.LoadXml (signature);
393 SignedXmlEx sxe = new SignedXmlEx ();
394 sxe.LoadXml (doc.DocumentElement);
396 AsymmetricAlgorithm aa1 = sxe.PublicGetPublicKey ();
397 Assert ("First Public Key is RSA", (aa1 is RSA));
399 AsymmetricAlgorithm aa2 = sxe.PublicGetPublicKey ();
400 AssertNull ("Second Public Key is null", aa2);
404 // [ExpectedException (typeof (ArgumentNullException))]
405 public void AddObject_Null ()
407 SignedXml sx = new SignedXml ();
408 // still no ArgumentNullExceptions for this one
413 [ExpectedException (typeof (ArgumentNullException))]
414 public void AddReference_Null ()
416 SignedXml sx = new SignedXml ();
417 sx.AddReference (null);
421 public void Add_Null ()
423 SignedXml sx = new SignedXml ();
424 // no ArgumentNull exceptions for those
426 sx.AddReference (null);
430 [ExpectedException (typeof (CryptographicException))]
431 public void GetXml_WithoutInfo ()
433 SignedXml sx = new SignedXml ();
434 XmlElement xel = sx.GetXml ();
438 [ExpectedException (typeof (ArgumentNullException))]
439 public void LoadXml_Null ()
441 SignedXml sx = new SignedXml ();
446 public void SigningKeyName ()
448 SignedXmlEx sxe = new SignedXmlEx ();
449 AssertNull ("SigningKeyName", sxe.SigningKeyName);
450 sxe.SigningKeyName = "mono";
451 AssertEquals ("SigningKeyName", "mono", sxe.SigningKeyName);
455 public void CheckSignatureEmptySafe ()
461 // empty keyinfo passes...
462 sx = new SignedXml ();
463 sx.KeyInfo = new KeyInfo ();
464 Assert (!sx.CheckSignature ());
466 // with empty KeyInfoName
467 kic = new KeyInfoName ();
471 Assert (!sx.CheckSignature ());
476 [ExpectedException (typeof (CryptographicException))]
478 public void CheckSignatureEmpty ()
480 SignedXml sx = new SignedXml ();
481 Assert (!sx.CheckSignature ());
485 [ExpectedException (typeof (CryptographicException))]
486 public void ComputeSignatureNoSigningKey ()
488 XmlDocument doc = new XmlDocument ();
489 doc.LoadXml ("<foo/>");
490 SignedXml signedXml = new SignedXml (doc);
492 Reference reference = new Reference ();
495 XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform ();
496 reference.AddTransform (env);
497 signedXml.AddReference (reference);
499 signedXml.ComputeSignature ();
503 [ExpectedException (typeof (CryptographicException))]
504 public void ComputeSignatureMissingReferencedObject ()
506 XmlDocument doc = new XmlDocument ();
507 doc.LoadXml ("<foo/>");
508 SignedXml signedXml = new SignedXml (doc);
509 DSA key = DSA.Create ();
510 signedXml.SigningKey = key;
512 Reference reference = new Reference ();
513 reference.Uri = "#bleh";
515 XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform ();
516 reference.AddTransform (env);
517 signedXml.AddReference (reference);
519 signedXml.ComputeSignature ();
523 public void DataReferenceToNonDataObject ()
525 XmlDocument doc = new XmlDocument ();
526 doc.LoadXml ("<foo Id='id:1'/>");
527 SignedXml signedXml = new SignedXml (doc);
528 DSA key = DSA.Create ();
529 signedXml.SigningKey = key;
531 Reference reference = new Reference ();
532 reference.Uri = "#id:1";
534 XmlDsigC14NTransform t = new XmlDsigC14NTransform ();
535 reference.AddTransform (t);
536 signedXml.AddReference (reference);
538 signedXml.ComputeSignature ();
542 public void SignElementWithoutPrefixedNamespace ()
544 string input = "<Action xmlns='urn:foo'>http://tempuri.org/IFoo/Echo</Action>";
545 string expected = @"<Signature xmlns=""http://www.w3.org/2000/09/xmldsig#""><SignedInfo><CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /><SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#hmac-sha1"" /><Reference URI=""#_1""><Transforms><Transform Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /></Transforms><DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" /><DigestValue>zdFEZB8rNzvpNG/gFEJBWk/M5Nk=</DigestValue></Reference></SignedInfo><SignatureValue>+OyGVzrHjmKSDWLNyvgx8pjbPfM=</SignatureValue><Object Id=""_1""><Action xmlns=""urn:foo"">http://tempuri.org/IFoo/Echo</Action></Object></Signature>";
547 byte [] key = Convert.FromBase64String (
548 "1W5EigVnbnRjGLbg99ElieOmuUgYO+KcwMJtE35SAGI=");
549 Transform t = new XmlDsigC14NTransform ();
550 AssertEquals ("#1", expected, SignWithHMACSHA1 (input, key, t));
551 // The second result should be still identical.
552 AssertEquals ("#2", expected, SignWithHMACSHA1 (input, key, t));
556 public void SignElementWithPrefixedNamespace ()
558 string input = "<a:Action xmlns:a='urn:foo'>http://tempuri.org/IFoo/Echo</a:Action>";
559 string expected = @"<Signature xmlns=""http://www.w3.org/2000/09/xmldsig#""><SignedInfo><CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /><SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#hmac-sha1"" /><Reference URI=""#_1""><Transforms><Transform Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /></Transforms><DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" /><DigestValue>6i5FlqkEfJOdUaOMCK7xn0I0HDg=</DigestValue></Reference></SignedInfo><SignatureValue>tASp+e2A0xqcm02jKg5TGqlhKpI=</SignatureValue><Object Id=""_1""><a:Action xmlns:a=""urn:foo"">http://tempuri.org/IFoo/Echo</a:Action></Object></Signature>";
561 byte [] key = Convert.FromBase64String (
562 "1W5EigVnbnRjGLbg99ElieOmuUgYO+KcwMJtE35SAGI=");
563 AssertEquals (expected, SignWithHMACSHA1 (input, key));
566 string SignWithHMACSHA1 (string input, byte [] key)
568 return SignWithHMACSHA1 (input, key, new XmlDsigC14NTransform ());
571 string SignWithHMACSHA1 (string input, byte [] key, Transform transform)
573 XmlDocument doc = new XmlDocument ();
575 SignedXml sxml = new SignedXml (doc);
577 HMACSHA1 keyhash = new HMACSHA1 (key);
578 DataObject d = new DataObject ();
579 //d.Data = doc.SelectNodes ("//*[local-name()='Body']/*");
580 d.Data = doc.SelectNodes ("//*[local-name()='Action']");
583 Reference r = new Reference ("#_1");
584 r.AddTransform (transform);
585 r.DigestMethod = SignedXml.XmlDsigSHA1Url;
586 sxml.SignedInfo.AddReference (r);
587 sxml.ComputeSignature (keyhash);
588 StringWriter sw = new StringWriter ();
589 XmlWriter w = new XmlTextWriter (sw);
590 sxml.GetXml ().WriteTo (w);
592 return sw.ToString ();
596 public void GetIdElement_Null ()
598 SignedXml sign = new SignedXml ();
599 AssertNull (sign.GetIdElement (null, "value"));
600 AssertNull (sign.GetIdElement (new XmlDocument (), null));
605 [Category ("NotWorking")] // bug #79483
606 public void DigestValue_CRLF ()
608 XmlDocument doc = CreateSomeXml ("\r\n");
609 XmlDsigExcC14NTransform transform = new XmlDsigExcC14NTransform ();
610 transform.LoadInput (doc);
611 Stream s = (Stream) transform.GetOutput ();
612 string output = Stream2String (s);
613 AssertEquals ("#1", "<person>
\n <birthplace>Brussels</birthplace>
\n</person>", output);
617 HashAlgorithm hash = HashAlgorithm.Create ("System.Security.Cryptography.SHA1CryptoServiceProvider");
618 byte[] digest = hash.ComputeHash (s);
619 AssertEquals ("#2", "IKbfdK2/DMfXyezCf5QggVCXfk8=", Convert.ToBase64String (digest));
621 X509Certificate2 cert = new X509Certificate2 (_pkcs12, "mono");
622 SignedXml signedXml = new SignedXml (doc);
623 signedXml.SigningKey = cert.PrivateKey;
624 signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
626 Reference reference = new Reference ();
629 XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform ();
630 reference.AddTransform (env);
631 signedXml.AddReference (reference);
633 KeyInfo keyInfo = new KeyInfo ();
634 KeyInfoX509Data x509KeyInfo = new KeyInfoX509Data ();
635 x509KeyInfo.AddCertificate (new X509Certificate2 (_cert));
636 x509KeyInfo.AddCertificate (cert);
637 keyInfo.AddClause (x509KeyInfo);
638 signedXml.KeyInfo = keyInfo;
640 signedXml.ComputeSignature ();
642 digest = reference.DigestValue;
643 AssertEquals ("#3", "e3dsi1xK8FAx1vsug7J203JbEAU=", Convert.ToBase64String (digest));
645 AssertEquals ("#4", "<SignedInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">"
646 + "<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" />"
647 + "<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" />"
648 + "<Reference URI=\"\">"
650 + "<Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" />"
652 + "<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" />"
653 + "<DigestValue>e3dsi1xK8FAx1vsug7J203JbEAU=</DigestValue>"
655 + "</SignedInfo>", signedXml.SignedInfo.GetXml ().OuterXml);
659 public void DigestValue_LF ()
661 XmlDocument doc = CreateSomeXml ("\n");
662 XmlDsigExcC14NTransform transform = new XmlDsigExcC14NTransform ();
663 transform.LoadInput (doc);
664 Stream s = (Stream) transform.GetOutput ();
665 string output = Stream2String (s);
666 AssertEquals ("#1", "<person>\n <birthplace>Brussels</birthplace>\n</person>", output);
670 HashAlgorithm hash = HashAlgorithm.Create ("System.Security.Cryptography.SHA1CryptoServiceProvider");
671 byte[] digest = hash.ComputeHash (s);
672 AssertEquals ("#2", "e3dsi1xK8FAx1vsug7J203JbEAU=", Convert.ToBase64String (digest));
674 X509Certificate2 cert = new X509Certificate2 (_pkcs12, "mono");
675 SignedXml signedXml = new SignedXml (doc);
676 signedXml.SigningKey = cert.PrivateKey;
677 signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
679 Reference reference = new Reference ();
682 XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform ();
683 reference.AddTransform (env);
684 signedXml.AddReference (reference);
686 KeyInfo keyInfo = new KeyInfo ();
687 KeyInfoX509Data x509KeyInfo = new KeyInfoX509Data ();
688 x509KeyInfo.AddCertificate (new X509Certificate2 (_cert));
689 x509KeyInfo.AddCertificate (cert);
690 keyInfo.AddClause (x509KeyInfo);
691 signedXml.KeyInfo = keyInfo;
693 signedXml.ComputeSignature ();
695 digest = reference.DigestValue;
696 AssertEquals ("#3", "e3dsi1xK8FAx1vsug7J203JbEAU=", Convert.ToBase64String (digest));
698 AssertEquals ("#4", "<SignedInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">"
699 + "<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" />"
700 + "<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" />"
701 + "<Reference URI=\"\">"
703 + "<Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" />"
705 + "<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" />"
706 + "<DigestValue>e3dsi1xK8FAx1vsug7J203JbEAU=</DigestValue>"
708 + "</SignedInfo>", signedXml.SignedInfo.GetXml ().OuterXml);
712 [Category ("NotWorking")] // bug #79483
713 public void SignedXML_CRLF_Invalid ()
715 X509Certificate2 cert = new X509Certificate2 (_pkcs12, "mono");
717 XmlDocument doc = new XmlDocument ();
718 doc.LoadXml (string.Format (CultureInfo.InvariantCulture,
720 " <birthplace>Brussels</birthplace>{0}" +
721 "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" +
723 "<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" />" +
724 "<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" />" +
725 "<Reference URI=\"\">" +
727 "<Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" />" +
729 "<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" />" +
730 "<DigestValue>IKbfdK2/DMfXyezCf5QggVCXfk8=</DigestValue>" +
734 "JuSd68PyARsZqGKSo5xX5yYHDuu6whHEhoXqxxFmGeEdvkKY2bgroWJ1ZTGHGr" +
735 "VI7mtG3h0w1ibOKdltm9j4lZaZWo87CAJiJ2syeLbMyIVSw6OyZEsiFF/VqLKK" +
736 "4T4AO6q7HYsC55zJrOvL1j9IIr8zBnJfvBdKckf0lczYbXc=" +
737 "</SignatureValue>" +
740 "<X509Certificate>" +
741 "MIIBozCCAQygAwIBAgIQHc+8iURSTUarmg4trmrnGTANBgkqhkiG9w0BAQUFAD" +
742 "ARMQ8wDQYDVQQDEwZOb3ZlbGwwIBcNMDYwOTIxMDcyNjUxWhgPMjA5MDAxMjEw" +
743 "ODI2NTFaMA8xDTALBgNVBAMTBE1vbm8wgZ0wDQYJKoZIhvcNAQEBBQADgYsAMI" +
744 "GHAoGBAJhFB1KHv2WzsHqih9Mvm3KffEOSMv+sh1mPW3sWI/95VOOVqJnhemMM" +
745 "s82phSbNZeoPHny4btbykbRRaRQv94rtIM6geJR1e2c5mfJWtHSq3EYQarHC68" +
746 "cAZvCAmQZGa1eQRNRqcTSKX8yfqH0SouIE9ohJtpiluNe+Xgk5fKv3AgERMA0G" +
747 "CSqGSIb3DQEBBQUAA4GBAE6pqSgK8QKRHSh6YvYs9oRh1n8iREco7QmZCFj7UB" +
748 "kn/QgJ9mKsT8o12VnYHqBCEwBNaT1ay3z/SR4/Z383zuu4Y6xxjqOqnM6gtwUV" +
749 "u5/0hvz+ThtuTjItG6Ny5JkLZZQt/XbI5kg920t9jq3vbHBMuX2HxivwQe5sug" +
751 "</X509Certificate>" +
752 "<X509Certificate>" +
753 "MIIBpTCCAQ6gAwIBAgIQXo6Lr3rrSkW4xmNPRbHMbjANBgkqhkiG9w0BAQUFAD" +
754 "ARMQ8wDQYDVQQDEwZOb3ZlbGwwIBcNMDYwOTIxMDcxNDE4WhgPMjA5MDAxMjEw" +
755 "ODE0MThaMBExDzANBgNVBAMTBk1pZ3VlbDCBnTANBgkqhkiG9w0BAQEFAAOBiw" +
756 "AwgYcCgYEArCkeSZ6U3U3Fm2qSuQsM7xvvsSzZGQLPDUHFQ/BZxA7LiGRfXbmO" +
757 "yPkkYRYItXdy0yDl/8rAjelaL8jQ4me6Uexyeq+5xEgHn9VbNJny5apGNi4kF1" +
758 "8DR5DK9Zme9d6icusgW8krv3//5SVE8ao7X5qrIOGS825eCJL73YWbxKkCAREw" +
759 "DQYJKoZIhvcNAQEFBQADgYEASqBgYTkIJpDO28ZEXnF5Q/G3xDR/MxhdcrCISJ" +
760 "tDbuGVZzK+xhFhiYD5Q1NiGhD4oDIVJPwKmZH4L3YP96iSh6RdtO27V05ET/X5" +
761 "yWMKdeIsq6r9jXXv7NaWTmvNfMLKLNgEBCJ00+wN0u4xHUC7yCJc0KNQ3fjDLU" +
763 "</X509Certificate>" +
767 "</person>", "\r\n"));
769 SignedXml signedXml = new SignedXml (doc);
770 XmlNodeList nodeList = doc.GetElementsByTagName ("Signature");
771 signedXml.LoadXml ((XmlElement) nodeList [0]);
772 Assert ("#2", !signedXml.CheckSignature ());
776 [Category ("NotWorking")] // bug #79483
777 public void SignedXML_CRLF_Valid ()
779 X509Certificate2 cert = new X509Certificate2 (_pkcs12, "mono");
781 XmlDocument doc = CreateSignedXml (cert, SignedXml.XmlDsigExcC14NTransformUrl, "\r\n");
782 AssertEquals ("#1", string.Format (CultureInfo.InvariantCulture,
784 " <birthplace>Brussels</birthplace>{0}" +
785 "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" +
787 "<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" />" +
788 "<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" />" +
789 "<Reference URI=\"\">" +
791 "<Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" />" +
793 "<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" />" +
794 "<DigestValue>e3dsi1xK8FAx1vsug7J203JbEAU=</DigestValue>" +
798 "X29nbkOR/Xk3KwsEpEvpDOqfI6/NTtiewIxNqKMrPCoM0HLawK5HKsCw3lL07C" +
799 "8SwqvoXJL9VS05gsSia85YCB8NPDeHuHY3CPGT7DVpgeHFA0oefMnOi8IAqKD2" +
800 "nx29A222u5OmwbDO0qFqbtsgvIFiP5YJg04cwmnqs+eL+WA=" +
801 "</SignatureValue>" +
804 "<X509Certificate>" +
805 "MIIBozCCAQygAwIBAgIQHc+8iURSTUarmg4trmrnGTANBgkqhkiG9w0BAQUFAD" +
806 "ARMQ8wDQYDVQQDEwZOb3ZlbGwwIBcNMDYwOTIxMDcyNjUxWhgPMjA5MDAxMjEw" +
807 "ODI2NTFaMA8xDTALBgNVBAMTBE1vbm8wgZ0wDQYJKoZIhvcNAQEBBQADgYsAMI" +
808 "GHAoGBAJhFB1KHv2WzsHqih9Mvm3KffEOSMv+sh1mPW3sWI/95VOOVqJnhemMM" +
809 "s82phSbNZeoPHny4btbykbRRaRQv94rtIM6geJR1e2c5mfJWtHSq3EYQarHC68" +
810 "cAZvCAmQZGa1eQRNRqcTSKX8yfqH0SouIE9ohJtpiluNe+Xgk5fKv3AgERMA0G" +
811 "CSqGSIb3DQEBBQUAA4GBAE6pqSgK8QKRHSh6YvYs9oRh1n8iREco7QmZCFj7UB" +
812 "kn/QgJ9mKsT8o12VnYHqBCEwBNaT1ay3z/SR4/Z383zuu4Y6xxjqOqnM6gtwUV" +
813 "u5/0hvz+ThtuTjItG6Ny5JkLZZQt/XbI5kg920t9jq3vbHBMuX2HxivwQe5sug" +
815 "</X509Certificate>" +
816 "<X509Certificate>" +
817 "MIIBpTCCAQ6gAwIBAgIQXo6Lr3rrSkW4xmNPRbHMbjANBgkqhkiG9w0BAQUFAD" +
818 "ARMQ8wDQYDVQQDEwZOb3ZlbGwwIBcNMDYwOTIxMDcxNDE4WhgPMjA5MDAxMjEw" +
819 "ODE0MThaMBExDzANBgNVBAMTBk1pZ3VlbDCBnTANBgkqhkiG9w0BAQEFAAOBiw" +
820 "AwgYcCgYEArCkeSZ6U3U3Fm2qSuQsM7xvvsSzZGQLPDUHFQ/BZxA7LiGRfXbmO" +
821 "yPkkYRYItXdy0yDl/8rAjelaL8jQ4me6Uexyeq+5xEgHn9VbNJny5apGNi4kF1" +
822 "8DR5DK9Zme9d6icusgW8krv3//5SVE8ao7X5qrIOGS825eCJL73YWbxKkCAREw" +
823 "DQYJKoZIhvcNAQEFBQADgYEASqBgYTkIJpDO28ZEXnF5Q/G3xDR/MxhdcrCISJ" +
824 "tDbuGVZzK+xhFhiYD5Q1NiGhD4oDIVJPwKmZH4L3YP96iSh6RdtO27V05ET/X5" +
825 "yWMKdeIsq6r9jXXv7NaWTmvNfMLKLNgEBCJ00+wN0u4xHUC7yCJc0KNQ3fjDLU" +
827 "</X509Certificate>" +
831 "</person>", "\r\n"), doc.OuterXml);
835 [Ignore ("This is a bad test case which should basically just check the computed signature value instead of comparing XML document literal string, and thus caused inconsistency between .NET 1.1 and .NET 2.0. Not deleting this test case, to easily find the reason for potentially happening regression in the future (which should not waste time).")]
836 public void SignedXML_LF_Valid ()
838 X509Certificate2 cert = new X509Certificate2 (_pkcs12, "mono");
840 XmlDocument doc = CreateSignedXml (cert, SignedXml.XmlDsigExcC14NTransformUrl, "\n");
841 AssertEquals ("#1", string.Format (CultureInfo.InvariantCulture,
843 " <birthplace>Brussels</birthplace>{0}" +
844 "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" +
846 "<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" />" +
847 "<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" />" +
848 "<Reference URI=\"\">" +
850 "<Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" />" +
852 "<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" />" +
853 "<DigestValue>e3dsi1xK8FAx1vsug7J203JbEAU=</DigestValue>" +
857 "X29nbkOR/Xk3KwsEpEvpDOqfI6/NTtiewIxNqKMrPCoM0HLawK5HKsCw3lL07C" +
858 "8SwqvoXJL9VS05gsSia85YCB8NPDeHuHY3CPGT7DVpgeHFA0oefMnOi8IAqKD2" +
859 "nx29A222u5OmwbDO0qFqbtsgvIFiP5YJg04cwmnqs+eL+WA=" +
860 "</SignatureValue>" +
863 "<X509Certificate>" +
864 "MIIBozCCAQygAwIBAgIQHc+8iURSTUarmg4trmrnGTANBgkqhkiG9w0BAQUFAD" +
865 "ARMQ8wDQYDVQQDEwZOb3ZlbGwwIBcNMDYwOTIxMDcyNjUxWhgPMjA5MDAxMjEw" +
866 "ODI2NTFaMA8xDTALBgNVBAMTBE1vbm8wgZ0wDQYJKoZIhvcNAQEBBQADgYsAMI" +
867 "GHAoGBAJhFB1KHv2WzsHqih9Mvm3KffEOSMv+sh1mPW3sWI/95VOOVqJnhemMM" +
868 "s82phSbNZeoPHny4btbykbRRaRQv94rtIM6geJR1e2c5mfJWtHSq3EYQarHC68" +
869 "cAZvCAmQZGa1eQRNRqcTSKX8yfqH0SouIE9ohJtpiluNe+Xgk5fKv3AgERMA0G" +
870 "CSqGSIb3DQEBBQUAA4GBAE6pqSgK8QKRHSh6YvYs9oRh1n8iREco7QmZCFj7UB" +
871 "kn/QgJ9mKsT8o12VnYHqBCEwBNaT1ay3z/SR4/Z383zuu4Y6xxjqOqnM6gtwUV" +
872 "u5/0hvz+ThtuTjItG6Ny5JkLZZQt/XbI5kg920t9jq3vbHBMuX2HxivwQe5sug" +
874 "</X509Certificate>" +
875 "<X509Certificate>" +
876 "MIIBpTCCAQ6gAwIBAgIQXo6Lr3rrSkW4xmNPRbHMbjANBgkqhkiG9w0BAQUFAD" +
877 "ARMQ8wDQYDVQQDEwZOb3ZlbGwwIBcNMDYwOTIxMDcxNDE4WhgPMjA5MDAxMjEw" +
878 "ODE0MThaMBExDzANBgNVBAMTBk1pZ3VlbDCBnTANBgkqhkiG9w0BAQEFAAOBiw" +
879 "AwgYcCgYEArCkeSZ6U3U3Fm2qSuQsM7xvvsSzZGQLPDUHFQ/BZxA7LiGRfXbmO" +
880 "yPkkYRYItXdy0yDl/8rAjelaL8jQ4me6Uexyeq+5xEgHn9VbNJny5apGNi4kF1" +
881 "8DR5DK9Zme9d6icusgW8krv3//5SVE8ao7X5qrIOGS825eCJL73YWbxKkCAREw" +
882 "DQYJKoZIhvcNAQEFBQADgYEASqBgYTkIJpDO28ZEXnF5Q/G3xDR/MxhdcrCISJ" +
883 "tDbuGVZzK+xhFhiYD5Q1NiGhD4oDIVJPwKmZH4L3YP96iSh6RdtO27V05ET/X5" +
884 "yWMKdeIsq6r9jXXv7NaWTmvNfMLKLNgEBCJ00+wN0u4xHUC7yCJc0KNQ3fjDLU" +
886 "</X509Certificate>" +
890 "</person>", "\n"), doc.OuterXml);
893 [Test] // part of bug #79454
894 public void MultipleX509Certificates ()
896 XmlDocument doc = null;
897 X509Certificate2 cert = new X509Certificate2 (_pkcs12, "mono");
899 doc = CreateSignedXml (cert, SignedXml.XmlDsigExcC14NTransformUrl, "\n");
900 Assert ("#1", VerifySignedXml (doc));
902 doc = CreateSignedXml (cert, SignedXml.XmlDsigExcC14NWithCommentsTransformUrl, "\n");
903 Assert ("#2", VerifySignedXml (doc));
905 doc = CreateSignedXml (cert, SignedXml.XmlDsigCanonicalizationUrl, "\n");
906 Assert ("#3", VerifySignedXml (doc));
908 doc = CreateSignedXml (cert, SignedXml.XmlDsigCanonicalizationWithCommentsUrl, "\n");
909 Assert ("#4", VerifySignedXml (doc));
912 // creates a signed XML document with two certificates in the X509Data
913 // element, with the second being the one that should be used to verify
915 static XmlDocument CreateSignedXml (X509Certificate2 cert, string canonicalizationMethod, string lineFeed)
917 XmlDocument doc = CreateSomeXml (lineFeed);
919 SignedXml signedXml = new SignedXml (doc);
920 signedXml.SigningKey = cert.PrivateKey;
921 signedXml.SignedInfo.CanonicalizationMethod = canonicalizationMethod;
923 Reference reference = new Reference ();
926 XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform ();
927 reference.AddTransform (env);
928 signedXml.AddReference (reference);
930 KeyInfo keyInfo = new KeyInfo ();
931 KeyInfoX509Data x509KeyInfo = new KeyInfoX509Data ();
932 x509KeyInfo.AddCertificate (new X509Certificate2 (_cert));
933 x509KeyInfo.AddCertificate (cert);
934 keyInfo.AddClause (x509KeyInfo);
935 signedXml.KeyInfo = keyInfo;
937 signedXml.ComputeSignature ();
938 XmlElement xmlDigitalSignature = signedXml.GetXml ();
940 doc.DocumentElement.AppendChild (doc.ImportNode (xmlDigitalSignature, true));
944 static bool VerifySignedXml (XmlDocument signedDoc)
946 SignedXml signedXml = new SignedXml (signedDoc);
947 XmlNodeList nodeList = signedDoc.GetElementsByTagName ("Signature");
948 signedXml.LoadXml ((XmlElement) nodeList [0]);
949 return signedXml.CheckSignature ();
952 static XmlDocument CreateSomeXml (string lineFeed)
954 StringWriter sw = new StringWriter ();
955 sw.NewLine = lineFeed;
956 XmlTextWriter xtw = new XmlTextWriter (sw);
957 xtw.Formatting = Formatting.Indented;
958 xtw.WriteStartElement ("person");
959 xtw.WriteElementString ("birthplace", "Brussels");
960 xtw.WriteEndElement ();
963 XmlDocument doc = new XmlDocument ();
964 doc.PreserveWhitespace = true;
965 doc.Load (new StringReader (sw.ToString ()));
969 string Stream2String (Stream s)
971 StringBuilder sb = new StringBuilder ();
972 int b = s.ReadByte ();
974 sb.Append (Convert.ToChar (b));
977 return sb.ToString ();
980 private static byte [] _cert = new byte [] {
981 0x30, 0x82, 0x01, 0xa3, 0x30, 0x82, 0x01, 0x0c, 0xa0, 0x03, 0x02,
982 0x01, 0x02, 0x02, 0x10, 0x1d, 0xcf, 0xbc, 0x89, 0x44, 0x52, 0x4d,
983 0x46, 0xab, 0x9a, 0x0e, 0x2d, 0xae, 0x6a, 0xe7, 0x19, 0x30, 0x0d,
984 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
985 0x05, 0x00, 0x30, 0x11, 0x31, 0x0f, 0x30, 0x0d, 0x06, 0x03, 0x55,
986 0x04, 0x03, 0x13, 0x06, 0x4e, 0x6f, 0x76, 0x65, 0x6c, 0x6c, 0x30,
987 0x20, 0x17, 0x0d, 0x30, 0x36, 0x30, 0x39, 0x32, 0x31, 0x30, 0x37,
988 0x32, 0x36, 0x35, 0x31, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x39, 0x30,
989 0x30, 0x31, 0x32, 0x31, 0x30, 0x38, 0x32, 0x36, 0x35, 0x31, 0x5a,
990 0x30, 0x0f, 0x31, 0x0d, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x04, 0x03,
991 0x13, 0x04, 0x4d, 0x6f, 0x6e, 0x6f, 0x30, 0x81, 0x9d, 0x30, 0x0d,
992 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
993 0x05, 0x00, 0x03, 0x81, 0x8b, 0x00, 0x30, 0x81, 0x87, 0x02, 0x81,
994 0x81, 0x00, 0x98, 0x45, 0x07, 0x52, 0x87, 0xbf, 0x65, 0xb3, 0xb0,
995 0x7a, 0xa2, 0x87, 0xd3, 0x2f, 0x9b, 0x72, 0x9f, 0x7c, 0x43, 0x92,
996 0x32, 0xff, 0xac, 0x87, 0x59, 0x8f, 0x5b, 0x7b, 0x16, 0x23, 0xff,
997 0x79, 0x54, 0xe3, 0x95, 0xa8, 0x99, 0xe1, 0x7a, 0x63, 0x0c, 0xb3,
998 0xcd, 0xa9, 0x85, 0x26, 0xcd, 0x65, 0xea, 0x0f, 0x1e, 0x7c, 0xb8,
999 0x6e, 0xd6, 0xf2, 0x91, 0xb4, 0x51, 0x69, 0x14, 0x2f, 0xf7, 0x8a,
1000 0xed, 0x20, 0xce, 0xa0, 0x78, 0x94, 0x75, 0x7b, 0x67, 0x39, 0x99,
1001 0xf2, 0x56, 0xb4, 0x74, 0xaa, 0xdc, 0x46, 0x10, 0x6a, 0xb1, 0xc2,
1002 0xeb, 0xc7, 0x00, 0x66, 0xf0, 0x80, 0x99, 0x06, 0x46, 0x6b, 0x57,
1003 0x90, 0x44, 0xd4, 0x6a, 0x71, 0x34, 0x8a, 0x5f, 0xcc, 0x9f, 0xa8,
1004 0x7d, 0x12, 0xa2, 0xe2, 0x04, 0xf6, 0x88, 0x49, 0xb6, 0x98, 0xa5,
1005 0xb8, 0xd7, 0xbe, 0x5e, 0x09, 0x39, 0x7c, 0xab, 0xf7, 0x02, 0x01,
1006 0x11, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
1007 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x4e, 0xa9,
1008 0xa9, 0x28, 0x0a, 0xf1, 0x02, 0x91, 0x1d, 0x28, 0x7a, 0x62, 0xf6,
1009 0x2c, 0xf6, 0x84, 0x61, 0xd6, 0x7f, 0x22, 0x44, 0x47, 0x28, 0xed,
1010 0x09, 0x99, 0x08, 0x58, 0xfb, 0x50, 0x19, 0x27, 0xfd, 0x08, 0x09,
1011 0xf6, 0x62, 0xac, 0x4f, 0xca, 0x35, 0xd9, 0x59, 0xd8, 0x1e, 0xa0,
1012 0x42, 0x13, 0x00, 0x4d, 0x69, 0x3d, 0x5a, 0xcb, 0x7c, 0xff, 0x49,
1013 0x1e, 0x3f, 0x67, 0x7f, 0x37, 0xce, 0xeb, 0xb8, 0x63, 0xac, 0x71,
1014 0x8e, 0xa3, 0xaa, 0x9c, 0xce, 0xa0, 0xb7, 0x05, 0x15, 0xbb, 0x9f,
1015 0xf4, 0x86, 0xfc, 0xfe, 0x4e, 0x1b, 0x6e, 0x4e, 0x32, 0x2d, 0x1b,
1016 0xa3, 0x72, 0xe4, 0x99, 0x0b, 0x65, 0x94, 0x2d, 0xfd, 0x76, 0xc8,
1017 0xe6, 0x48, 0x3d, 0xdb, 0x4b, 0x7d, 0x8e, 0xad, 0xef, 0x6c, 0x70,
1018 0x4c, 0xb9, 0x7d, 0x87, 0xc6, 0x2b, 0xf0, 0x41, 0xee, 0x6c, 0xba,
1019 0x08, 0xcf, 0x69, 0x31, 0x18 };
1021 private static byte [] _pkcs12 = new byte [] {
1022 0x30, 0x82, 0x05, 0x8d, 0x02, 0x01, 0x03, 0x30, 0x82, 0x05, 0x47,
1023 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01,
1024 0xa0, 0x82, 0x05, 0x38, 0x04, 0x82, 0x05, 0x34, 0x30, 0x82, 0x05,
1025 0x30, 0x30, 0x82, 0x02, 0x3f, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
1026 0xf7, 0x0d, 0x01, 0x07, 0x06, 0xa0, 0x82, 0x02, 0x30, 0x30, 0x82,
1027 0x02, 0x2c, 0x02, 0x01, 0x00, 0x30, 0x82, 0x02, 0x25, 0x06, 0x09,
1028 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x30, 0x1c,
1029 0x06, 0x0a, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01,
1030 0x03, 0x30, 0x0e, 0x04, 0x08, 0x6e, 0x0a, 0x50, 0x20, 0xc3, 0x11,
1031 0x49, 0x07, 0x02, 0x02, 0x07, 0xd0, 0x80, 0x82, 0x01, 0xf8, 0x74,
1032 0x40, 0x07, 0x44, 0x6b, 0x80, 0x46, 0xe1, 0x4e, 0x65, 0x5e, 0xf2,
1033 0xf6, 0x38, 0x90, 0xd1, 0x75, 0x24, 0xd9, 0x72, 0x92, 0x5b, 0x4a,
1034 0xb9, 0x9e, 0xbd, 0xab, 0xe2, 0xb8, 0x91, 0xc9, 0x48, 0x14, 0x88,
1035 0x61, 0x7d, 0x06, 0xf9, 0x24, 0x80, 0xb5, 0x36, 0xaf, 0xfe, 0xc0,
1036 0x59, 0x00, 0x39, 0x3f, 0x78, 0xc0, 0x57, 0xea, 0x1e, 0xcb, 0x29,
1037 0xa4, 0x5f, 0xba, 0x4b, 0xd9, 0xca, 0x95, 0xab, 0x55, 0x4a, 0x11,
1038 0x1a, 0xf8, 0xe9, 0xd4, 0xc0, 0x08, 0x55, 0xfb, 0x69, 0x09, 0x0d,
1039 0x5b, 0xed, 0x02, 0xcc, 0x55, 0xfe, 0x05, 0x2e, 0x45, 0xa7, 0x8d,
1040 0x63, 0x9a, 0xda, 0x6c, 0xc7, 0xe1, 0xcb, 0x5c, 0xa7, 0xd9, 0x9b,
1041 0x4a, 0xfb, 0x7d, 0x31, 0xe5, 0x89, 0x3e, 0xf2, 0x32, 0xc9, 0x78,
1042 0xd0, 0x66, 0x1e, 0x38, 0xc7, 0xbf, 0x41, 0xf9, 0xe7, 0xbd, 0xce,
1043 0x8b, 0xc3, 0x14, 0x19, 0x4b, 0xfa, 0x3a, 0xa2, 0x1f, 0xb0, 0xd4,
1044 0xfa, 0x33, 0x39, 0x12, 0xd9, 0x36, 0x7f, 0x7e, 0xf0, 0xc4, 0xdc,
1045 0xf0, 0xb5, 0x7a, 0x50, 0x2c, 0x99, 0x9d, 0x02, 0x40, 0xec, 0x6a,
1046 0x23, 0x83, 0x16, 0xec, 0x8f, 0x58, 0x14, 0xa0, 0xa0, 0x9c, 0xa0,
1047 0xe1, 0xd0, 0x6f, 0x54, 0x1a, 0x10, 0x47, 0x69, 0x6b, 0x55, 0x7f,
1048 0x67, 0x7d, 0xb8, 0x38, 0xa0, 0x40, 0x99, 0x13, 0xe8, 0x15, 0x73,
1049 0x8d, 0x18, 0x86, 0x29, 0x74, 0xec, 0x66, 0xa3, 0xb8, 0x14, 0x10,
1050 0x61, 0xef, 0xa5, 0x79, 0x89, 0x01, 0xaa, 0xf2, 0x1f, 0x0c, 0xdd,
1051 0x0d, 0x8c, 0xbb, 0x7a, 0x4e, 0x0f, 0x47, 0x91, 0x37, 0xa3, 0x8a,
1052 0x43, 0x0f, 0xeb, 0xc7, 0x9b, 0x8d, 0xaf, 0x39, 0xdf, 0x23, 0x1c,
1053 0xa4, 0xf7, 0x66, 0x1c, 0x61, 0x42, 0x24, 0x9a, 0x0a, 0x3a, 0x31,
1054 0x9c, 0x51, 0xa2, 0x30, 0xbe, 0x85, 0xa6, 0xe8, 0x18, 0xfa, 0x8b,
1055 0xff, 0xdd, 0xdc, 0x34, 0x46, 0x4f, 0x15, 0xde, 0xdb, 0xc4, 0xeb,
1056 0x62, 0x3b, 0x7c, 0x25, 0x1a, 0x13, 0x8b, 0xda, 0x3b, 0x59, 0x2a,
1057 0xb8, 0x50, 0xe3, 0x9f, 0x76, 0xfc, 0xe8, 0x00, 0xfc, 0xf7, 0xba,
1058 0xd2, 0x45, 0x92, 0x14, 0xb5, 0xe2, 0x93, 0x41, 0x09, 0xea, 0x5b,
1059 0x5e, 0xda, 0x66, 0x92, 0xd1, 0x93, 0x7a, 0xc0, 0xe1, 0x2f, 0xed,
1060 0x29, 0x78, 0x80, 0xff, 0x79, 0x0e, 0xda, 0x78, 0x7e, 0x71, 0xa4,
1061 0x31, 0x2f, 0xe9, 0x48, 0xab, 0xc9, 0x40, 0x7d, 0x63, 0x06, 0xd6,
1062 0xb5, 0x2b, 0x49, 0xba, 0x43, 0x56, 0x69, 0xc5, 0xc2, 0x85, 0x37,
1063 0xdb, 0xe7, 0x39, 0x87, 0x8d, 0x14, 0x15, 0x55, 0x76, 0x3f, 0x70,
1064 0xf6, 0xd7, 0x80, 0x82, 0x48, 0x02, 0x64, 0xe1, 0x73, 0x1a, 0xd9,
1065 0x35, 0x1a, 0x43, 0xf3, 0xde, 0xd4, 0x00, 0x9d, 0x49, 0x2b, 0xc6,
1066 0x66, 0x19, 0x3e, 0xb8, 0xcc, 0x43, 0xcc, 0xa8, 0x12, 0xa4, 0xad,
1067 0xcd, 0xe2, 0xe6, 0xb3, 0xdd, 0x7e, 0x80, 0x50, 0xc0, 0xb4, 0x0c,
1068 0x4c, 0xd2, 0x31, 0xf3, 0xf8, 0x49, 0x31, 0xbe, 0xf2, 0x7d, 0x60,
1069 0x38, 0xe0, 0x60, 0xdf, 0x7b, 0x58, 0xe0, 0xf9, 0x6e, 0x68, 0x79,
1070 0x33, 0xb2, 0x2a, 0x53, 0x4c, 0x5a, 0x9d, 0xb3, 0x81, 0x4b, 0x19,
1071 0x21, 0xe2, 0x3a, 0x42, 0x07, 0x25, 0x5a, 0xee, 0x1f, 0x5d, 0xa2,
1072 0xca, 0xf7, 0x2f, 0x3c, 0x9b, 0xb0, 0xbc, 0xe7, 0xaf, 0x8c, 0x2f,
1073 0x52, 0x43, 0x79, 0x94, 0xb0, 0xee, 0xc4, 0x53, 0x09, 0xc0, 0xc9,
1074 0x21, 0x39, 0x64, 0x82, 0xc3, 0x54, 0xb8, 0x65, 0xf8, 0xdc, 0xb3,
1075 0xdf, 0x4d, 0xc4, 0x63, 0x59, 0x14, 0x37, 0xd6, 0xba, 0xa3, 0x98,
1076 0xda, 0x99, 0x02, 0xdd, 0x7a, 0x87, 0x3e, 0x34, 0xb5, 0x4b, 0x0a,
1077 0xb4, 0x2d, 0xea, 0x19, 0x24, 0xd1, 0xc2, 0x9f, 0x30, 0x82, 0x02,
1078 0xe9, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07,
1079 0x01, 0xa0, 0x82, 0x02, 0xda, 0x04, 0x82, 0x02, 0xd6, 0x30, 0x82,
1080 0x02, 0xd2, 0x30, 0x82, 0x02, 0xce, 0x06, 0x0b, 0x2a, 0x86, 0x48,
1081 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x0a, 0x01, 0x02, 0xa0, 0x82, 0x02,
1082 0xa6, 0x30, 0x82, 0x02, 0xa2, 0x30, 0x1c, 0x06, 0x0a, 0x2a, 0x86,
1083 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x03, 0x30, 0x0e, 0x04,
1084 0x08, 0xe0, 0x21, 0x4f, 0x90, 0x7d, 0x86, 0x72, 0xc7, 0x02, 0x02,
1085 0x07, 0xd0, 0x04, 0x82, 0x02, 0x80, 0x92, 0xac, 0xe8, 0x52, 0xa6,
1086 0x3e, 0xed, 0x3d, 0xbc, 0x28, 0x5f, 0xb9, 0x45, 0x76, 0x27, 0x95,
1087 0xf8, 0x6a, 0xc5, 0x17, 0x97, 0x46, 0x58, 0xe9, 0x15, 0x7c, 0x68,
1088 0x62, 0x67, 0xb5, 0x2f, 0x1b, 0x64, 0x27, 0x9d, 0xfd, 0x67, 0x66,
1089 0x42, 0x21, 0x5c, 0xf4, 0x64, 0x37, 0xcc, 0xc0, 0x04, 0x01, 0x91,
1090 0x6c, 0x6b, 0x84, 0x96, 0xae, 0x04, 0xfe, 0xcc, 0x88, 0x6a, 0x84,
1091 0xd7, 0x59, 0x28, 0x78, 0xc9, 0xb4, 0xf6, 0x4d, 0x86, 0x8d, 0x59,
1092 0xc6, 0x74, 0x30, 0xca, 0x2f, 0x0a, 0xa7, 0x66, 0x99, 0xf4, 0x8f,
1093 0x44, 0x6d, 0x97, 0x3c, 0xd6, 0xdb, 0xd6, 0x31, 0x8c, 0xf7, 0x75,
1094 0xd9, 0x0b, 0xf5, 0xd2, 0x27, 0x80, 0x81, 0x28, 0x0f, 0x6b, 0x8b,
1095 0x45, 0x11, 0x08, 0x1d, 0x06, 0x31, 0x4d, 0x98, 0x68, 0xc9, 0x09,
1096 0x9b, 0x51, 0x84, 0x81, 0x74, 0x76, 0x57, 0x63, 0xb5, 0x38, 0xc8,
1097 0xe1, 0x96, 0xe4, 0xcd, 0xd4, 0xe8, 0xf8, 0x26, 0x88, 0x88, 0xaa,
1098 0xdf, 0x1b, 0xc6, 0x37, 0xb8, 0xc4, 0xe1, 0xcb, 0xc0, 0x71, 0x3d,
1099 0xd6, 0xd7, 0x8b, 0xc6, 0xec, 0x5f, 0x42, 0x86, 0xb0, 0x8d, 0x1c,
1100 0x49, 0xb9, 0xc6, 0x96, 0x11, 0xa5, 0xd6, 0xd2, 0xc0, 0x18, 0xca,
1101 0xe7, 0xf6, 0x93, 0xb4, 0xf5, 0x7a, 0xe4, 0xec, 0xa2, 0x90, 0xf8,
1102 0xef, 0x66, 0x0f, 0xa8, 0x52, 0x0c, 0x3f, 0x85, 0x4a, 0x76, 0x3a,
1103 0xb8, 0x5a, 0x2d, 0x03, 0x5d, 0x99, 0x70, 0xbb, 0x02, 0x1c, 0x77,
1104 0x43, 0x12, 0xd9, 0x1f, 0x7c, 0x6f, 0x69, 0x15, 0x17, 0x30, 0x51,
1105 0x7d, 0x53, 0xc2, 0x06, 0xe0, 0xd2, 0x31, 0x17, 0x2a, 0x98, 0xe3,
1106 0xe0, 0x20, 0xfb, 0x01, 0xfd, 0xd1, 0x1b, 0x50, 0x00, 0xad, 0x1d,
1107 0xff, 0xa1, 0xae, 0xd6, 0xac, 0x38, 0x8b, 0x71, 0x28, 0x44, 0x66,
1108 0x8c, 0xb6, 0x34, 0xc5, 0x86, 0xc9, 0x34, 0xda, 0x6c, 0x2a, 0xef,
1109 0x69, 0x3c, 0xb7, 0xbd, 0xa5, 0x05, 0x3c, 0x7c, 0xfb, 0x0c, 0x2d,
1110 0x49, 0x09, 0xdb, 0x91, 0x3b, 0x41, 0x2a, 0xe4, 0xfa, 0x4a, 0xc2,
1111 0xea, 0x9e, 0x6f, 0xc3, 0x46, 0x2a, 0x77, 0x83, 0x4e, 0x22, 0x01,
1112 0xfb, 0x0c, 0x2d, 0x5a, 0xcf, 0x8d, 0xa7, 0x55, 0x24, 0x7c, 0xda,
1113 0x9e, 0xd8, 0xbc, 0xf6, 0x81, 0x63, 0x8a, 0x36, 0xd0, 0x13, 0x74,
1114 0x30, 0x4d, 0xd8, 0x4e, 0xa6, 0x81, 0x71, 0x71, 0xff, 0x9f, 0xf3,
1115 0x8d, 0x75, 0xad, 0x6b, 0x93, 0x93, 0x8c, 0xf8, 0x7d, 0xa6, 0x62,
1116 0x9d, 0xf7, 0x86, 0x6f, 0xcb, 0x5b, 0x6f, 0xe5, 0xee, 0xcd, 0xb0,
1117 0xb2, 0xfd, 0x96, 0x2c, 0xde, 0xa0, 0xcf, 0x46, 0x8c, 0x66, 0x0e,
1118 0xf9, 0xa3, 0xdb, 0xfa, 0x8f, 0x1b, 0x54, 0x9d, 0x13, 0x13, 0x6b,
1119 0x97, 0x43, 0x97, 0x64, 0xec, 0x2a, 0xc5, 0xc0, 0x26, 0xab, 0xea,
1120 0x37, 0xd6, 0xcb, 0xb9, 0x83, 0x18, 0x53, 0x5a, 0xcd, 0x28, 0xb3,
1121 0x3b, 0x9c, 0x13, 0xaa, 0x78, 0x6c, 0xcf, 0xe9, 0x75, 0x7c, 0x80,
1122 0x04, 0x05, 0x52, 0xda, 0x13, 0x41, 0xb0, 0x27, 0x0f, 0x82, 0xa3,
1123 0x81, 0xd8, 0xf7, 0xdc, 0x61, 0xbb, 0x98, 0x32, 0x5a, 0x88, 0xbf,
1124 0x49, 0xc1, 0x76, 0x83, 0xcd, 0xc4, 0xb4, 0xca, 0x8d, 0x36, 0x88,
1125 0xee, 0xdb, 0xc5, 0xf4, 0x13, 0x28, 0x4d, 0xae, 0x7a, 0x31, 0x3e,
1126 0x77, 0x19, 0xab, 0x11, 0x15, 0x29, 0xd4, 0xcf, 0xb4, 0x73, 0x36,
1127 0x92, 0x1e, 0x4e, 0x5d, 0x35, 0x57, 0x84, 0x45, 0x9d, 0x05, 0x3c,
1128 0x44, 0x86, 0x08, 0x0b, 0x90, 0x29, 0xf9, 0xe6, 0x48, 0xaf, 0xf4,
1129 0x62, 0xd2, 0x4d, 0x32, 0x1a, 0xe9, 0xbf, 0x3a, 0x7b, 0x25, 0x4a,
1130 0x03, 0xfb, 0x40, 0x1d, 0x71, 0x2c, 0x10, 0x54, 0xdc, 0xbf, 0xf4,
1131 0x50, 0x85, 0x15, 0x11, 0xb1, 0x2d, 0x03, 0x2c, 0xe4, 0x8a, 0xce,
1132 0xec, 0x6e, 0x46, 0x06, 0x13, 0x3c, 0x97, 0x8d, 0xdd, 0xf6, 0x1e,
1133 0x62, 0xb4, 0x8d, 0xfa, 0x2c, 0x86, 0x87, 0x64, 0x5e, 0xec, 0xc8,
1134 0x84, 0xd1, 0x3d, 0xc5, 0x76, 0x4a, 0x31, 0xd3, 0xdb, 0x34, 0x6e,
1135 0x8a, 0x49, 0xd6, 0x38, 0xbb, 0x05, 0xe9, 0x4d, 0xf1, 0xde, 0x3e,
1136 0xa4, 0x47, 0xdd, 0xe8, 0xa8, 0xf1, 0xba, 0x55, 0xce, 0xca, 0x5b,
1137 0x57, 0xd7, 0xc8, 0x9f, 0x09, 0xa3, 0x8e, 0x58, 0x83, 0x21, 0x0a,
1138 0x6e, 0xd3, 0x70, 0x9c, 0xb9, 0x7c, 0x52, 0x98, 0x53, 0xcb, 0xda,
1139 0x9d, 0xaf, 0xb7, 0x4b, 0xf7, 0x48, 0x91, 0x7e, 0x78, 0x20, 0x19,
1140 0xe3, 0x41, 0x9d, 0xc8, 0x68, 0x11, 0xfb, 0x5f, 0x6b, 0xc8, 0x09,
1141 0x74, 0xcb, 0x76, 0x08, 0xbc, 0x28, 0x63, 0x57, 0x04, 0xb0, 0x80,
1142 0xd1, 0x53, 0x60, 0x50, 0x44, 0xba, 0x80, 0x48, 0x5e, 0x0e, 0x9a,
1143 0xe5, 0x64, 0x26, 0x7a, 0x88, 0xb9, 0xc6, 0x33, 0x31, 0x15, 0x30,
1144 0x13, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09,
1145 0x15, 0x31, 0x06, 0x04, 0x04, 0x01, 0x00, 0x00, 0x00, 0x30, 0x3d,
1146 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
1147 0x05, 0x00, 0x04, 0x14, 0x32, 0x55, 0x07, 0xa2, 0x67, 0xf3, 0x76,
1148 0x4d, 0x0b, 0x6f, 0xa4, 0xa0, 0x7b, 0xce, 0x2f, 0xc5, 0xff, 0xbe,
1149 0x3e, 0x38, 0x04, 0x14, 0x52, 0xf8, 0xb3, 0xeb, 0xc3, 0xda, 0x79,
1150 0xfa, 0x75, 0x89, 0x67, 0x33, 0x01, 0xd0, 0xb0, 0x13, 0xfa, 0x11,
1151 0x94, 0xac, 0x02, 0x02, 0x07, 0xd0 };
1153 public SignedXml SignHMAC (string uri, KeyedHashAlgorithm mac, bool ok)
1155 string input = "<foo/>";
1157 XmlDocument doc = new XmlDocument ();
1158 doc.LoadXml (input);
1160 SignedXml sig = new SignedXml (doc);
1161 Reference r = new Reference ("");
1162 r.AddTransform (new XmlDsigEnvelopedSignatureTransform ());
1163 r.DigestMethod = uri;
1164 sig.AddReference (r);
1166 sig.ComputeSignature (mac);
1167 doc.DocumentElement.AppendChild (doc.ImportNode (sig.GetXml (), true));
1168 // doc.Save (System.Console.Out);
1170 sig.LoadXml (doc.DocumentElement ["Signature"]);
1171 AssertEquals ("CheckSignature", ok, sig.CheckSignature (mac));
1175 static byte [] hmackey = new byte [0];
1176 private const string more256 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256";
1177 private const string more384 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha384";
1178 private const string more512 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512";
1179 private const string moreripe = "http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160";
1182 public void SignHMAC_SHA256 ()
1184 SignedXml sign = SignHMAC (EncryptedXml.XmlEncSHA256Url, new HMACSHA256 (hmackey), true);
1185 AssertEquals ("SignatureMethod", more256, sign.SignatureMethod);
1189 public void SignHMAC_SHA256_Bad ()
1191 SignedXml sign = SignHMAC (more256, new HMACSHA256 (hmackey), false);
1192 AssertEquals ("SignatureMethod", more256, sign.SignatureMethod);
1196 public void VerifyHMAC_SHA256 ()
1198 string xml = "<?xml version=\"1.0\" encoding=\"Windows-1252\"?><foo><Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#hmac-sha256\" /><Reference URI=\"\"><Transforms><Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" /></Transforms><DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#sha256\" /><DigestValue>sKG2hDPEHiPrzpd3QA8BZ0eMzMbSEPPMh9QqXgkP7Cs=</DigestValue></Reference></SignedInfo><SignatureValue>Faad3KInJdIpaGcBn5e04Zv080u45fSjAKqrgevdWQw=</SignatureValue></Signature></foo>";
1199 XmlDocument doc = new XmlDocument ();
1202 SignedXml sign = new SignedXml (doc);
1203 sign.LoadXml (doc.DocumentElement ["Signature"]);
1205 // verify MS-generated signature
1206 Assert (sign.CheckSignature (new HMACSHA256 (hmackey)));
1210 public void SignHMAC_SHA512 ()
1212 SignedXml sign = SignHMAC (EncryptedXml.XmlEncSHA512Url, new HMACSHA512 (hmackey), true);
1213 AssertEquals ("SignatureMethod", more512, sign.SignatureMethod);
1217 public void SignHMAC_SHA512_Bad ()
1219 SignedXml sign = SignHMAC (more512, new HMACSHA512 (hmackey), false);
1220 AssertEquals ("SignatureMethod", more512, sign.SignatureMethod);
1224 public void VerifyHMAC_SHA512 ()
1226 string xml = "<?xml version=\"1.0\" encoding=\"Windows-1252\"?><foo><Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#hmac-sha512\" /><Reference URI=\"\"><Transforms><Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" /></Transforms><DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#sha512\" /><DigestValue>2dvMkpTUE8Z76ResJG9pwPpVJNYo7t6s2L02V81xUVJ0oF8yJ7v8CTojjuL76s0iVdBxAOhP80Ambd1YaSkwSw==</DigestValue></Reference></SignedInfo><SignatureValue>wFenihRlm1x5/n0cifdX/TDOYqlbg2oVIbD/gyrAc0Q2hiIUTtwfBIMY5rQhKcErSz6YNoIl8RBQBmww/0rv5g==</SignatureValue></Signature></foo>";
1227 XmlDocument doc = new XmlDocument ();
1230 SignedXml sign = new SignedXml (doc);
1231 sign.LoadXml (doc.DocumentElement ["Signature"]);
1233 // verify MS-generated signature
1234 Assert (sign.CheckSignature (new HMACSHA512 (hmackey)));
1238 public void SignHMAC_SHA384 ()
1240 // works as long as the string can be used by CryptoConfig to create
1241 // an instance of the required hash algorithm
1242 SignedXml sign = SignHMAC ("SHA384", new HMACSHA384 (hmackey), true);
1243 AssertEquals ("SignatureMethod", more384, sign.SignatureMethod);
1247 public void SignHMAC_SHA384_Bad ()
1249 // we can't verity the signature if the URI is used
1250 SignedXml sign = SignHMAC (more384, new HMACSHA384 (hmackey), false);
1251 AssertEquals ("SignatureMethod", more384, sign.SignatureMethod);
1255 public void VerifyHMAC_SHA384 ()
1257 string xml = "<?xml version=\"1.0\" encoding=\"Windows-1252\"?><foo><Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#hmac-sha384\" /><Reference URI=\"\"><Transforms><Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" /></Transforms><DigestMethod Algorithm=\"SHA384\" /><DigestValue>kH9C0LeZocNVXhjfzpz00M5fc3WJf0QU8gxK4I7pAN7HN602yHo8yYDSlG14b5YS</DigestValue></Reference></SignedInfo><SignatureValue>LgydOfhv8nqpFLFPC+xg3ZnjC8D+V3mpzxv6GOdH1HDdw1r+LH/BFM2U7dntxgf0</SignatureValue></Signature></foo>";
1258 XmlDocument doc = new XmlDocument ();
1261 SignedXml sign = new SignedXml (doc);
1262 sign.LoadXml (doc.DocumentElement ["Signature"]);
1264 // verify MS-generated signature
1265 Assert (sign.CheckSignature (new HMACSHA384 (hmackey)));
1269 public void SignHMAC_RIPEMD160 ()
1271 // works as long as the string can be used by CryptoConfig to create
1272 // an instance of the required hash algorithm
1273 SignedXml sign = SignHMAC ("RIPEMD160", new HMACRIPEMD160 (hmackey), true);
1274 AssertEquals ("SignatureMethod", moreripe, sign.SignatureMethod);
1278 public void SignHMAC_RIPEMD160_Bad ()
1280 // we can't verity the signature if the URI is used
1281 SignedXml sign = SignHMAC (moreripe, new HMACRIPEMD160 (hmackey), false);
1282 AssertEquals ("SignatureMethod", moreripe, sign.SignatureMethod);
1286 public void VerifyHMAC_RIPEMD160 ()
1288 string xml = "<?xml version=\"1.0\" encoding=\"Windows-1252\"?><foo><Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160\" /><Reference URI=\"\"><Transforms><Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" /></Transforms><DigestMethod Algorithm=\"RIPEMD160\" /><DigestValue>+uyqtoSDPvgrsXCl1KCimhFpOVw=</DigestValue></Reference></SignedInfo><SignatureValue>8E2m/A5lyU6mBug7uskBqpDHuvs=</SignatureValue></Signature></foo>";
1289 XmlDocument doc = new XmlDocument ();
1292 SignedXml sign = new SignedXml (doc);
1293 sign.LoadXml (doc.DocumentElement ["Signature"]);
1295 // verify MS-generated signature
1296 Assert (sign.CheckSignature (new HMACRIPEMD160 (hmackey)));